Jump to content

Recommended Posts

Hello,

I'm asking for help on a similar issue to many other posters, i.e. MBA freezes during scan, usually on the same folder. I became worried that this computer might be affected by a trojan/virus when MBA started blocking communication to a russian server (see attached image). As per instructions I have scanned with mb-check and Farbar and have attached the corresponding log files.

Any help would be much appreciated.

 russian_site.thumb.JPG.19b6cebaf2472b77c857da6e1a8f7fa1.JPG

mb-check-results.zip

Addition.txt

FRST.txt

Link to post
Share on other sites

I have had 2 installations of MalwareBytes Premium go bad in the last couple of days. First one - fully registered edition. Some protections disabled, could not complete scan etc. Uninstalled and reinstalled MWB and seems OK. 

Second one - trial version. Couldn't uninstall, couldn't get to Internet, couldn't launch command prompt, couldn't open Excel (etc.).  Disabled the MWB service for now, disabled the MWB startup item (msconfig/Win 7 Pro). Machine is now running OK - will do more work on this at the end of the workday. Guessing I can either install MWB again over the bad installation or delete it using a 3rd party tool.

Both machines also have Symantec Endpoint Protection corporate V12.1.6, which is seemingly running fine. 

 

 

Link to post
Share on other sites

Hello @PJBeee, a conflict between Malwarebytes and Symantec Endpoint Protection was discovered recently. To fix the issue you have to add exclusions and reboot your computer a few times for both programs to start working correctly.

The AV Exclusions that need to be added to SEP are below

I would like you to add these files to your Anti-Virus exclusions list as mentioned in this FAQ HERE (my list below includes the exe files as well)
 

  • C:\Program Files\Malwarebytes\Anti-Malware\assistant.exe
  • C:\Program Files\Malwarebytes\Anti-Malware\malwarebytes_assistant.exe
  • C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
  • C:\Program Files\Malwarebytes\Anti-Malware\MbamPt.exe
  • C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
  • C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
  • C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe
  • C:\Windows\system32\Drivers\farflt.sys
  • C:\Windows\System32\drivers\mbae64.sys
  • C:\Windows\System32\drivers\mbam.sys
  • C:\Windows\System32\drivers\MBAMChameleon.sys
  • C:\Windows\System32\drivers\MBAMSwissArmy.sys
  • C:\Windows\System32\drivers\mwac.sys

Also please exclude the following folders too: (The complete folder)

  • C:\Program Files\Malwarebytes\Anti-Malware
  • C:\ProgramData\Malwarebytes\MBAMService

Link to post
Share on other sites

16 minutes ago, PJBeee said:

Thanks for the info!  Should be very helpful going forward. BTW shouldn't excluding the ...\Anti-Malware\ folder "automatically" exclude the individual files in that folder mentioned above the "complete folder" exclusion? -PJ

 

It should, however we all know how software can be buggy at times so I take the proactive approach and exclude all of it.  Also at times when they release newer versions, sometimes the files change, so having the whole folder helps.

Link to post
Share on other sites

@PJBeee it is actually both...

On ‎6‎/‎26‎/‎2017 at 9:34 AM, Firefox said:

C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe

 

On ‎6‎/‎26‎/‎2017 at 9:34 AM, Firefox said:

C:\ProgramData\Malwarebytes\MBAMService

Notice the file path for the file and folder are different...

Link to post
Share on other sites

1. Could not find folder MBAMService in these particular installations. But one machine is fine after patching Symantec Anti-Virus.

2. On one PC, I cannot re-install MBAM at all. Keep getting access denied. MalwareBytes folder and sub-folders still there after using the MB-cleaning tool. Used Unlocker to rename, then remove MalwareBytes folder from Program Files. Still won't install - installer is unable to create folders. If I create folders MalwareBytes Folder and Anti-Malware sub-folder manually, the install fails as well and I'm back to using tricks to rename and then delete those same folders,but the installation won't work. Any ideas?

 

 

Link to post
Share on other sites

5 hours ago, PJBeee said:

1. Could not find folder MBAMService in these particular installations. But one machine is fine after patching Symantec Anti-Virus.

The folder is Hidden so make sure you have Show All Files enabled in your folder options.... Good to hear one machine is good to go now.

On the second computer, try running the MB3 Clean tool in windows safe mode... Also on the second computer if you get us some logs we may be able to help with getting it installed.

Let's try this first.... (Malwarebytes clean removal tool will backup your license information and then re-enter the license to the new install)

  1. Please follow the steps in this pinned topic to uninstall your current version of MBAM and reinstall the latest build - Malwarebytes mb-clean tool (NOTE: After uninstalling with the mb-claen tool you will be asked to reboot. Once you reboot it will ask you if you want to re-install Malwarebytes, you can select YES (it will download the latest version) or you can download the latest version manually (currently v3.1.2.1733 ) to re-install from HERE)
  2. If that does not correct the issue, then please read the following and attach to your next reply the 3 requested logs - Diagnostic Logs (the 3 logs are: mb-check-results.zip, FRST.txt, Addition.txt)
  3. NOTE: More info about the latest Malwarebytes 3.1.2 HERE; MB 3 User Guide ONLINE; MB 3 User Guide PDF; MB 3 FAQ: Malwarebytes 3.0 - Frequently Asked Questions


Please let us know how it goes.


Thank You,

Firefox

Link to post
Share on other sites

That explains a little. I need to get on-site before I can do this because of the Safe Mode operations; can do this next week.  Meanwhile we're running a current version of corporate Symantec Endpoint Protection, and that has been effective thus far.

Many thanks for your prompt responses!  -PJ

Edited by PJBeee
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.